(1) Unauthorized access to the application is prohibited;
(2) The company’s security policy provides for the monitoring, collection and recording of activity on company owned or leased computing resources; and
(3) Any unauthorized activity observed could be subject to temporary or permanent access restrictions.